volgens mij ligt het aan de regel "04-Global Srartup: WG111v2 Smart Wizard Wireless Setting.Ink=?" deze had net verwijderd moeten worden? Hoe krijg ik deze weer terug?
---------- Post toegevoegd om 11:58 ---------- Vorige post was om 11:48 ----------
Hoi Kape, ik heb het draadloze netwerk weer opgespoord :)bijgaande de logs.
Hijack this:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:54:23, on 15-4-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\AEIWLSTA.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DVBT\DetectTray.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Documents and Settings\Gebruiker\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Gebruiker\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\WG111v2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Kirsten\documenten\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Symbaloo | Je persoonlijke Startpagina
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AEIWLSTA.EXE] AEIWLSTA.EXE START
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DetectTray] C:\Program Files\DVBT\DetectTray.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [sansaDispatch] C:\Documents and Settings\Gebruiker\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Registry Reviver] C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe
O4 - HKCU\..\Run: [spotify] "C:\Documents and Settings\Gebruiker\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Gebruiker\Application Data\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/58.10/uploader2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {63D6DD13-C913-466D-9444-9357561E4D94} (Upload-applicatie Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/ma5.8.3/uploadtoepassing.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://online.spelletjes.nl/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {DB28CF23-0083-40B5-BF63-69925D672385} (CNeroSerialChecker Object) - http://www.nero.com/doc/NeroVersionChecker.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updateservice (gupdate1c9cf1c9c3ad9ca) (gupdate1c9cf1c9c3ad9ca) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
--
End of file - 14604 bytes
dit is de log.txt
11:09:56.0250 5864 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
11:09:56.0343 5864 ============================================================
11:09:56.0343 5864 Current date / time: 2012/04/15 11:09:56.0343
11:09:56.0343 5864 SystemInfo:
11:09:56.0343 5864
11:09:56.0343 5864 OS Version: 5.1.2600 ServicePack: 3.0
11:09:56.0343 5864 Product type: Workstation
11:09:56.0343 5864 ComputerName: LEEUWENPC
11:09:56.0343 5864 UserName: Gebruiker
11:09:56.0343 5864 Windows directory: C:\WINDOWS
11:09:56.0343 5864 System windows directory: C:\WINDOWS
11:09:56.0343 5864 Processor architecture: Intel x86
11:09:56.0343 5864 Number of processors: 2
11:09:56.0343 5864 Page size: 0x1000
11:09:56.0343 5864 Boot type: Normal boot
11:09:56.0343 5864 ============================================================
11:09:58.0843 5864 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:09:58.0859 5864 \Device\Harddisk0\DR0:
11:09:58.0859 5864 MBR used
11:09:58.0859 5864 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
11:09:58.0890 5864 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x10E713B5
11:09:58.0968 5864 Initialize success
11:09:58.0968 5864 ============================================================
11:10:32.0718 4156 ============================================================
11:10:32.0718 4156 Scan started
11:10:32.0718 4156 Mode: Manual;
11:10:32.0718 4156 ============================================================
11:10:33.0140 4156 Abiosdsk - ok
11:10:33.0140 4156 abp480n5 - ok
11:10:33.0171 4156 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:10:33.0171 4156 ACPI - ok
11:10:33.0203 4156 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:10:33.0203 4156 ACPIEC - ok
11:10:33.0218 4156 adpu160m - ok
11:10:33.0281 4156 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:10:33.0281 4156 aec - ok
11:10:33.0312 4156 AegisP (30bb1bde595ca65fd5549462080d94e5) C:\WINDOWS\system32\DRIVERS\AegisP.sys
11:10:33.0312 4156 AegisP - ok
11:10:33.0359 4156 AEIWL_USB (869b7c3f994f2e806af42a11202edbc9) C:\WINDOWS\system32\DRIVERS\AEIWLUSB.sys
11:10:33.0375 4156 AEIWL_USB - ok
11:10:33.0406 4156 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:10:33.0421 4156 AFD - ok
11:10:33.0421 4156 Aha154x - ok
11:10:33.0437 4156 aic78u2 - ok
11:10:33.0437 4156 aic78xx - ok
11:10:33.0468 4156 Alerter (8bed67d13dcb55b3e9ff6dac4c6d3b49) C:\WINDOWS\system32\alrsvc.dll
11:10:33.0468 4156 Alerter - ok
11:10:33.0500 4156 ALG (dab2a89fde5cf791161200d90c1bcb12) C:\WINDOWS\System32\alg.exe
11:10:33.0500 4156 ALG - ok
11:10:33.0500 4156 AliIde - ok
11:10:33.0515 4156 amsint - ok
11:10:33.0609 4156 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:10:33.0609 4156 Apple Mobile Device - ok
11:10:33.0609 4156 AppMgmt - ok
11:10:33.0625 4156 asc - ok
11:10:33.0625 4156 asc3350p - ok
11:10:33.0640 4156 asc3550 - ok
11:10:33.0718 4156 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:10:33.0718 4156 aspnet_state - ok
11:10:33.0734 4156 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:10:33.0734 4156 AsyncMac - ok
11:10:33.0750 4156 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:10:33.0750 4156 atapi - ok
11:10:33.0765 4156 AtcL001 (0907a12341e56dda7b22f8fd116a981d) C:\WINDOWS\system32\DRIVERS\l151x86.sys
11:10:33.0765 4156 AtcL001 - ok
11:10:33.0781 4156 Atdisk - ok
11:10:33.0812 4156 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:10:33.0812 4156 Atmarpc - ok
11:10:33.0828 4156 AudioSrv (f10745ed3195360e69aa4a6e7768c0e0) C:\WINDOWS\System32\audiosrv.dll
11:10:33.0828 4156 AudioSrv - ok
11:10:33.0875 4156 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:10:33.0875 4156 audstub - ok
11:10:34.0046 4156 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
11:10:34.0093 4156 AVGIDSAgent - ok
11:10:34.0156 4156 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
11:10:34.0171 4156 AVGIDSDriver - ok
11:10:34.0171 4156 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
11:10:34.0171 4156 AVGIDSEH - ok
11:10:34.0187 4156 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
11:10:34.0187 4156 AVGIDSFilter - ok
11:10:34.0203 4156 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
11:10:34.0203 4156 AVGIDSShim - ok
11:10:34.0234 4156 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
11:10:34.0234 4156 Avgldx86 - ok
11:10:34.0234 4156 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
11:10:34.0250 4156 Avgmfx86 - ok
11:10:34.0281 4156 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
11:10:34.0281 4156 Avgrkx86 - ok
11:10:34.0312 4156 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
11:10:34.0312 4156 Avgtdix - ok
11:10:34.0359 4156 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
11:10:34.0359 4156 avgwd - ok
11:10:34.0406 4156 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:10:34.0406 4156 Beep - ok
11:10:34.0437 4156 BITS (5c0073a51c4873430fa8b262e92183ff) C:\WINDOWS\system32\qmgr.dll
11:10:34.0453 4156 BITS - ok
11:10:34.0500 4156 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
11:10:34.0500 4156 Bonjour Service - ok
11:10:34.0531 4156 Browser (69eaa7501f53a40e8c04c69f2391224f) C:\WINDOWS\System32\browser.dll
11:10:34.0531 4156 Browser - ok
11:10:34.0546 4156 BtAudio - ok
11:10:34.0546 4156 BTDriver - ok
11:10:34.0562 4156 BTWDNDIS - ok
11:10:34.0562 4156 BTWUSB - ok
11:10:34.0578 4156 Cardex - ok
11:10:34.0609 4156 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:10:34.0609 4156 cbidf2k - ok
11:10:34.0625 4156 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:10:34.0625 4156 CCDECODE - ok
11:10:34.0640 4156 cd20xrnt - ok
11:10:34.0640 4156 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:10:34.0656 4156 Cdaudio - ok
11:10:34.0671 4156 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:10:34.0671 4156 Cdfs - ok
11:10:34.0687 4156 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:10:34.0687 4156 Cdrom - ok
11:10:34.0703 4156 Changer - ok
11:10:34.0734 4156 CiSvc (bd85400700b80fbe3d4a3412bce74861) C:\WINDOWS\system32\cisvc.exe
11:10:34.0734 4156 CiSvc - ok
11:10:34.0750 4156 ClipSrv (4fb6108130829666c8fe96b442fead94) C:\WINDOWS\system32\clipsrv.exe
11:10:34.0750 4156 ClipSrv - ok
11:10:34.0781 4156 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:10:34.0781 4156 clr_optimization_v2.0.50727_32 - ok
11:10:34.0812 4156 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:10:34.0812 4156 clr_optimization_v4.0.30319_32 - ok
11:10:34.0812 4156 CmdIde - ok
11:10:34.0828 4156 COMSysApp - ok
11:10:34.0843 4156 Cpqarray - ok
11:10:34.0875 4156 CryptSvc (0a9cf5d3cf63a8699f28c814ef821c7e) C:\WINDOWS\System32\cryptsvc.dll
11:10:34.0875 4156 CryptSvc - ok
11:10:34.0875 4156 dac2w2k - ok
11:10:34.0890 4156 dac960nt - ok
11:10:34.0937 4156 DcomLaunch (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll
11:10:34.0937 4156 DcomLaunch - ok
11:10:34.0984 4156 Dhcp (146ab038f5dbb366122d28444999ab2c) C:\WINDOWS\System32\dhcpcsvc.dll
11:10:34.0984 4156 Dhcp - ok
11:10:34.0984 4156 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:10:34.0984 4156 Disk - ok
11:10:35.0000 4156 dmadmin - ok
11:10:35.0046 4156 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys
11:10:35.0046 4156 dmboot - ok
11:10:35.0078 4156 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys
11:10:35.0078 4156 dmio - ok
11:10:35.0093 4156 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:10:35.0093 4156 dmload - ok
11:10:35.0125 4156 dmserver (127db74184e2d3d31655da525a5efde1) C:\WINDOWS\System32\dmserver.dll
11:10:35.0125 4156 dmserver - ok
11:10:35.0156 4156 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:10:35.0156 4156 DMusic - ok
11:10:35.0171 4156 Dnscache (de6cdb6cbc5c27b9085cfa6dfe8e5025) C:\WINDOWS\System32\dnsrslvr.dll
11:10:35.0171 4156 Dnscache - ok
11:10:35.0203 4156 Dot3svc (90ee765e1a598b578852901f74f914f1) C:\WINDOWS\System32\dot3svc.dll
11:10:35.0203 4156 Dot3svc - ok
11:10:35.0218 4156 dpti2o - ok
11:10:35.0218 4156 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:10:35.0218 4156 drmkaud - ok
11:10:35.0234 4156 duh9zfon.sys - ok
11:10:35.0265 4156 e.dentifier2 (30e8affed744ec4c79b4961f5fe10134) C:\WINDOWS\system32\DRIVERS\aabed2.sys
11:10:35.0265 4156 e.dentifier2 - ok
11:10:35.0281 4156 EapHost (e6bbdebf7081899d161c773e8d84d015) C:\WINDOWS\System32\eapsvc.dll
11:10:35.0281 4156 EapHost - ok
11:10:35.0312 4156 EC168BDA (1611aec2772e8acdc5f75542303b1f43) C:\WINDOWS\system32\DRIVERS\EC168BDA.sys
11:10:35.0312 4156 EC168BDA - ok
11:10:35.0343 4156 ERSvc (2f5c7f650b7af178988946ee4b0d9c01) C:\WINDOWS\System32\ersvc.dll
11:10:35.0343 4156 ERSvc - ok
11:10:35.0375 4156 Eventlog (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe
11:10:35.0375 4156 Eventlog - ok
11:10:35.0421 4156 EventSystem (97912dc0679d2da60cce589bbc196d72) C:\WINDOWS\system32\es.dll
11:10:35.0421 4156 EventSystem - ok
11:10:35.0437 4156 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:10:35.0437 4156 Fastfat - ok
11:10:35.0484 4156 FastUserSwitchingCompatibility (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll
11:10:35.0484 4156 FastUserSwitchingCompatibility - ok
11:10:35.0500 4156 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
11:10:35.0500 4156 Fdc - ok
11:10:35.0515 4156 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys
11:10:35.0515 4156 Fips - ok
11:10:35.0531 4156 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
11:10:35.0531 4156 Flpydisk - ok
11:10:35.0562 4156 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:10:35.0562 4156 FltMgr - ok
11:10:35.0640 4156 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:10:35.0640 4156 FontCache3.0.0.0 - ok
11:10:35.0656 4156 fssfltr (c6ee3a87fe609d3e1db9dbd072a248de) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
11:10:35.0671 4156 fssfltr - ok
11:10:35.0781 4156 fsssvc (45b52394f9624237f33a8a3d73c0b221) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
11:10:35.0796 4156 fsssvc - ok
11:10:35.0796 4156 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:10:35.0796 4156 Fs_Rec - ok
11:10:35.0812 4156 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:10:35.0812 4156 Ftdisk - ok
11:10:35.0843 4156 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
11:10:35.0843 4156 GEARAspiWDM - ok
11:10:35.0843 4156 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:10:35.0859 4156 Gpc - ok
11:10:35.0890 4156 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\WINDOWS\system32\drivers\grmnusb.sys
11:10:35.0890 4156 grmnusb - ok
11:10:35.0953 4156 gupdate1c9cf1c9c3ad9ca (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
11:10:35.0953 4156 gupdate1c9cf1c9c3ad9ca - ok
11:10:35.0968 4156 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
11:10:35.0968 4156 gupdatem - ok
11:10:36.0000 4156 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:10:36.0000 4156 gusvc - ok
11:10:36.0015 4156 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:10:36.0015 4156 HDAudBus - ok
11:10:36.0046 4156 helpsvc (5327bad9b35c33d2a64b64e4cf282ecd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:10:36.0062 4156 helpsvc - ok
11:10:36.0062 4156 HidServ - ok
11:10:36.0109 4156 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:10:36.0109 4156 HidUsb - ok
11:10:36.0140 4156 hkmsvc (1ff903ffa2da1704e5a5443d37d8e49e) C:\WINDOWS\System32\kmsvc.dll
11:10:36.0140 4156 hkmsvc - ok
11:10:36.0140 4156 hpn - ok
11:10:36.0187 4156 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:10:36.0187 4156 HTTP - ok
11:10:36.0203 4156 HTTPFilter (2529c7ba05242beed0027f554d0513bb) C:\WINDOWS\System32\w3ssl.dll
11:10:36.0203 4156 HTTPFilter - ok
11:10:36.0218 4156 i2omgmt - ok
11:10:36.0218 4156 i2omp - ok
11:10:36.0250 4156 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:10:36.0250 4156 i8042prt - ok
11:10:36.0312 4156 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
11:10:36.0312 4156 IDriverT - ok
11:10:36.0375 4156 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:10:36.0390 4156 idsvc - ok
11:10:36.0421 4156 IJPLMSVC (ce1ee31fff730ca975a5535d8a71af61) C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
11:10:36.0437 4156 IJPLMSVC - ok
11:10:36.0453 4156 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:10:36.0453 4156 Imapi - ok
11:10:36.0500 4156 ImapiService (a117772f94c854de5d1bbc1f1962b192) C:\WINDOWS\system32\imapi.exe
11:10:36.0500 4156 ImapiService - ok
11:10:36.0500 4156 ini910u - ok
11:10:36.0656 4156 IntcAzAudAddService (574c9b2f9406d28f8f7e5c7b46b470e6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:10:36.0718 4156 IntcAzAudAddService - ok
11:10:36.0718 4156 IntelIde - ok
11:10:36.0750 4156 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:10:36.0750 4156 intelppm - ok
11:10:36.0765 4156 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:10:36.0765 4156 Ip6Fw - ok
11:10:36.0796 4156 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:10:36.0796 4156 IpFilterDriver - ok
11:10:36.0812 4156 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:10:36.0812 4156 IpInIp - ok
11:10:36.0843 4156 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:10:36.0843 4156 IpNat - ok
11:10:36.0921 4156 iPod Service (ca1972397b845b2f53f5dc63c22fd98a) C:\Program Files\iPod\bin\iPodService.exe
11:10:36.0937 4156 iPod Service - ok
11:10:36.0937 4156 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:10:36.0937 4156 IPSec - ok
11:10:36.0968 4156 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:10:36.0968 4156 IRENUM - ok
11:10:37.0000 4156 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:10:37.0000 4156 isapnp - ok
11:10:37.0093 4156 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
11:10:37.0093 4156 JavaQuickStarterService - ok
11:10:37.0109 4156 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:10:37.0109 4156 Kbdclass - ok
11:10:37.0140 4156 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:10:37.0140 4156 kbdhid - ok
11:10:37.0156 4156 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:10:37.0171 4156 kmixer - ok
11:10:37.0187 4156 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:10:37.0187 4156 KSecDD - ok
11:10:37.0218 4156 lanmanserver (c7955e7edaea462d04f1c4be1d340372) C:\WINDOWS\System32\srvsvc.dll
11:10:37.0218 4156 lanmanserver - ok
11:10:37.0265 4156 lanmanworkstation (a936a575eaf6dce8dc08bc0c53972add) C:\WINDOWS\System32\wkssvc.dll
11:10:37.0296 4156 lanmanworkstation - ok
11:10:37.0296 4156 lbrtfdc - ok
11:10:37.0343 4156 LmHosts (91ae20c5c2776c511994aa1308c05283) C:\WINDOWS\System32\lmhsvc.dll
11:10:37.0375 4156 LmHosts - ok
11:10:37.0406 4156 LVUSBSta (65994b84dd34e2b8fe2cbe4a077fa2f1) C:\WINDOWS\system32\drivers\lvusbsta.sys
11:10:37.0406 4156 LVUSBSta - ok
11:10:37.0453 4156 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
11:10:37.0453 4156 MDM - ok
11:10:37.0484 4156 Messenger (c56a45a03dca11712de9fdf98224230b) C:\WINDOWS\System32\msgsvc.dll
11:10:37.0484 4156 Messenger - ok
11:10:37.0515 4156 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:10:37.0515 4156 mnmdd - ok
11:10:37.0531 4156 mnmsrvc (5b1d994dcf1895afa27600e46a2f0fea) C:\WINDOWS\system32\mnmsrvc.exe
11:10:37.0531 4156 mnmsrvc - ok
11:10:37.0546 4156 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys
11:10:37.0546 4156 Modem - ok
11:10:37.0578 4156 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:10:37.0578 4156 Mouclass - ok
11:10:37.0609 4156 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:10:37.0609 4156 mouhid - ok
11:10:37.0625 4156 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:10:37.0625 4156 MountMgr - ok
11:10:37.0656 4156 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
11:10:37.0656 4156 MPE - ok
11:10:37.0671 4156 mraid35x - ok
11:10:37.0687 4156 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:10:37.0687 4156 MRxDAV - ok
11:10:37.0734 4156 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:10:37.0734 4156 MRxSmb - ok
11:10:37.0750 4156 MSDTC (21ea21984d7d1ad50db2e627020ab14c) C:\WINDOWS\system32\msdtc.exe
11:10:37.0750 4156 MSDTC - ok
11:10:37.0765 4156 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:10:37.0765 4156 Msfs - ok
11:10:37.0781 4156 MSIServer - ok
11:10:37.0796 4156 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:10:37.0796 4156 MSKSSRV - ok
11:10:37.0812 4156 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:10:37.0812 4156 MSPCLOCK - ok
11:10:37.0828 4156 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:10:37.0828 4156 MSPQM - ok
11:10:37.0828 4156 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:10:37.0828 4156 mssmbios - ok
11:10:37.0843 4156 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
11:10:37.0843 4156 MSTEE - ok
11:10:37.0875 4156 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
11:10:37.0875 4156 MTsensor - ok
11:10:37.0906 4156 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:10:37.0906 4156 Mup - ok
11:10:37.0921 4156 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:10:37.0921 4156 NABTSFEC - ok
11:10:37.0968 4156 napagent (87e394c810794d3c70cf22e8316cb23e) C:\WINDOWS\System32\qagentrt.dll
11:10:37.0968 4156 napagent - ok
11:10:38.0078 4156 NBService (3bae2bfcb6d69e19c8373f635dd544dc) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
11:10:38.0093 4156 NBService - ok
11:10:38.0125 4156 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:10:38.0125 4156 NDIS - ok
11:10:38.0140 4156 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:10:38.0140 4156 NdisIP - ok
11:10:38.0187 4156 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:10:38.0187 4156 NdisTapi - ok
11:10:38.0203 4156 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:10:38.0203 4156 Ndisuio - ok
11:10:38.0203 4156 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:10:38.0218 4156 NdisWan - ok
11:10:38.0250 4156 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:10:38.0250 4156 NDProxy - ok
11:10:38.0265 4156 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:10:38.0265 4156 NetBIOS - ok
11:10:38.0281 4156 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:10:38.0281 4156 NetBT - ok
11:10:38.0328 4156 NetDDE (dc6bae085e9b3c2f3a963ed46791feab) C:\WINDOWS\system32\netdde.exe
11:10:38.0328 4156 NetDDE - ok
11:10:38.0328 4156 NetDDEdsdm (dc6bae085e9b3c2f3a963ed46791feab) C:\WINDOWS\system32\netdde.exe
11:10:38.0328 4156 NetDDEdsdm - ok
11:10:38.0359 4156 Netlogon (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe
11:10:38.0359 4156 Netlogon - ok
11:10:38.0375 4156 Netman (5431fb616ecae0d587c5b97d0b86cbd8) C:\WINDOWS\System32\netman.dll
11:10:38.0390 4156 Netman - ok
11:10:38.0453 4156 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:10:38.0453 4156 NetTcpPortSharing - ok
11:10:38.0500 4156 Nla (4522cbe00a9e9eee36aa82ed4b319148) C:\WINDOWS\System32\mswsock.dll
11:10:38.0500 4156 Nla - ok
11:10:38.0593 4156 NMIndexingService (193fa51dddd0bffded1c340f0434999a) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
11:10:38.0593 4156 NMIndexingService - ok
11:10:38.0640 4156 nmwcd (48fb907b069524f2dc7ba62a0762850c) C:\WINDOWS\system32\drivers\ccdcmb.sys
11:10:38.0640 4156 nmwcd - ok
11:10:38.0656 4156 nmwcdc (2914ceb789964141ac6e22c6bc980c42) C:\WINDOWS\system32\drivers\ccdcmbo.sys
11:10:38.0656 4156 nmwcdc - ok
11:10:38.0687 4156 npf (b48dc6abcd3aeff8618350ccbdc6b09a) C:\WINDOWS\system32\drivers\npf.sys
11:10:38.0687 4156 npf - ok
11:10:38.0703 4156 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:10:38.0703 4156 Npfs - ok
11:10:38.0718 4156 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:10:38.0734 4156 Ntfs - ok
11:10:38.0734 4156 NtLmSsp (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe
11:10:38.0734 4156 NtLmSsp - ok
11:10:38.0781 4156 NtmsSvc (ac1a78237b53044735693633f8235468) C:\WINDOWS\system32\ntmssvc.dll
11:10:38.0781 4156 NtmsSvc - ok
11:10:38.0812 4156 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:10:38.0812 4156 Null - ok
11:10:38.0953 4156 nv (34c114da0a5e03219444e46f122ff5a3) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:10:39.0015 4156 nv - ok
11:10:39.0031 4156 NVSvc (ff8112711b5f9823d4595579b2130955) C:\WINDOWS\system32\nvsvc32.exe
11:10:39.0031 4156 NVSvc - ok
11:10:39.0062 4156 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:10:39.0062 4156 NwlnkFlt - ok
11:10:39.0078 4156 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:10:39.0078 4156 NwlnkFwd - ok
11:10:39.0093 4156 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys
11:10:39.0109 4156 Parport - ok
11:10:39.0140 4156 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:10:39.0140 4156 PartMgr - ok
11:10:39.0171 4156 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys
11:10:39.0171 4156 ParVdm - ok
11:10:39.0218 4156 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
11:10:39.0218 4156 pccsmcfd - ok
11:10:39.0234 4156 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys
11:10:39.0234 4156 PCI - ok
11:10:39.0234 4156 PCIDump - ok
11:10:39.0265 4156 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:10:39.0265 4156 PCIIde - ok
11:10:39.0281 4156 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:10:39.0296 4156 Pcmcia - ok
11:10:39.0296 4156 PDCOMP - ok
11:10:39.0312 4156 PDFRAME - ok
11:10:39.0312 4156 PDRELI - ok
11:10:39.0328 4156 PDRFRAME - ok
11:10:39.0328 4156 perc2 - ok
11:10:39.0343 4156 perc2hib - ok
11:10:39.0375 4156 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\WINDOWS\system32\IoctlSvc.exe
11:10:39.0375 4156 PLFlash DeviceIoControl Service - ok
11:10:39.0421 4156 PlugPlay (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe
11:10:39.0421 4156 PlugPlay - ok
11:10:39.0437 4156 PolicyAgent (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe
11:10:39.0437 4156 PolicyAgent - ok
11:10:39.0468 4156 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:10:39.0468 4156 PptpMiniport - ok
11:10:39.0468 4156 ProtectedStorage (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe
11:10:39.0468 4156 ProtectedStorage - ok
11:10:39.0484 4156 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:10:39.0484 4156 PSched - ok
11:10:39.0484 4156 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:10:39.0500 4156 Ptilink - ok
11:10:39.0515 4156 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:10:39.0515 4156 PxHelp20 - ok
11:10:39.0562 4156 QCMerced (a5d52c11eff8b133432d98b2c2a4aee6) C:\WINDOWS\system32\DRIVERS\LVCM.sys
11:10:39.0578 4156 QCMerced - ok
11:10:39.0578 4156 ql1080 - ok
11:10:39.0593 4156 Ql10wnt - ok
11:10:39.0593 4156 ql12160 - ok
11:10:39.0609 4156 ql1240 - ok
11:10:39.0609 4156 ql1280 - ok
11:10:39.0640 4156 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:10:39.0640 4156 RasAcd - ok
11:10:39.0656 4156 RasAuto (0575d034b1292ca3a9bb9f67a8ee289c) C:\WINDOWS\System32\rasauto.dll
11:10:39.0656 4156 RasAuto - ok
11:10:39.0671 4156 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:10:39.0671 4156 Rasl2tp - ok
11:10:39.0718 4156 RasMan (9e7e2df6971a5f00102be3f901cc3bdc) C:\WINDOWS\System32\rasmans.dll
11:10:39.0734 4156 RasMan - ok
11:10:39.0734 4156 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:10:39.0734 4156 RasPppoe - ok
11:10:39.0750 4156 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:10:39.0750 4156 Raspti - ok
11:10:39.0765 4156 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:10:39.0765 4156 Rdbss - ok
11:10:39.0765 4156 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:10:39.0781 4156 RDPCDD - ok
11:10:39.0828 4156 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
11:10:39.0828 4156 RDPWD - ok
11:10:39.0859 4156 RDSessMgr (ea9fdf71d696b532bdc44c8bff03a737) C:\WINDOWS\system32\sessmgr.exe
11:10:39.0859 4156 RDSessMgr - ok
11:10:39.0875 4156 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:10:39.0875 4156 redbook - ok
11:10:39.0906 4156 RemoteAccess (4007abf5d9bf0e55451d775443d1f985) C:\WINDOWS\System32\mprdim.dll
11:10:39.0906 4156 RemoteAccess - ok
11:10:40.0000 4156 RichVideo (bd517c7fb119997effbe39d5e4b37b05) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
11:10:40.0015 4156 RichVideo - ok
11:10:40.0046 4156 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
11:10:40.0046 4156 ROOTMODEM - ok
11:10:40.0062 4156 RpcLocator (be078f8f7ec2491efdd79a53353a060f) C:\WINDOWS\system32\locator.exe
11:10:40.0062 4156 RpcLocator - ok
11:10:40.0109 4156 RpcSs (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll
11:10:40.0109 4156 RpcSs - ok
11:10:40.0140 4156 RSVP (ad1b5f1b99fff08c99f443d784711a81) C:\WINDOWS\system32\rsvp.exe
11:10:40.0140 4156 RSVP - ok
11:10:40.0187 4156 RTLWUSB (c3880bf1bad0b8eb69efb07a9c3fa7d9) C:\WINDOWS\system32\DRIVERS\wg111v2.sys
11:10:40.0187 4156 RTLWUSB - ok
11:10:40.0234 4156 SamSs (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe
11:10:40.0234 4156 SamSs - ok
11:10:40.0250 4156 SCardSvr (1b4cd62174e907c7ef8ec5d4d0a2a616) C:\WINDOWS\System32\SCardSvr.exe
11:10:40.0250 4156 SCardSvr - ok
11:10:40.0265 4156 Schedule (7c288ae0f75cb18cff1df6179a67ad8f) C:\WINDOWS\system32\schedsvc.dll
11:10:40.0265 4156 Schedule - ok
11:10:40.0312 4156 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:10:40.0312 4156 Secdrv - ok
11:10:40.0343 4156 seclogon (6983665bea867125b1da5757cd8b2f9d) C:\WINDOWS\System32\seclogon.dll
11:10:40.0343 4156 seclogon - ok
11:10:40.0343 4156 SENS (f6ec8f1e50e40237bddee1cb7fe20b42) C:\WINDOWS\system32\sens.dll
11:10:40.0343 4156 SENS - ok
11:10:40.0390 4156 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:10:40.0390 4156 serenum - ok
11:10:40.0406 4156 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
11:10:40.0406 4156 Serial - ok
11:10:40.0531 4156 ServiceLayer (58d5bfdf3adf49fe9cabd78cc61d92f6) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
11:10:40.0531 4156 ServiceLayer - ok
11:10:40.0562 4156 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:10:40.0562 4156 Sfloppy - ok
11:10:40.0593 4156 SharedAccess (7579c4be909d47f10f3d8d801cb13ed9) C:\WINDOWS\System32\ipnathlp.dll
11:10:40.0593 4156 SharedAccess - ok
11:10:40.0640 4156 ShellHWDetection (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll
11:10:40.0640 4156 ShellHWDetection - ok
11:10:40.0656 4156 Simbad - ok
11:10:40.0687 4156 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:10:40.0687 4156 SLIP - ok
11:10:40.0703 4156 Sparrow - ok
11:10:40.0718 4156 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:10:40.0718 4156 splitter - ok
11:10:40.0734 4156 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
11:10:40.0750 4156 Spooler - ok
11:10:40.0765 4156 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys
11:10:40.0765 4156 sr - ok
11:10:40.0781 4156 srservice (81cbf363c414620caa61bd6843d8fdb9) C:\WINDOWS\system32\srsvc.dll
11:10:40.0796 4156 srservice - ok
11:10:40.0812 4156 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:10:40.0812 4156 Srv - ok
11:10:40.0843 4156 SSDPSRV (5b9d0de64be96a806819516440fd211c) C:\WINDOWS\System32\ssdpsrv.dll
11:10:40.0843 4156 SSDPSRV - ok
11:10:40.0890 4156 stisvc (5ae996186d2dc694fef88f14a3fc9242) C:\WINDOWS\system32\wiaservc.dll
11:10:40.0890 4156 stisvc - ok
11:10:40.0921 4156 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:10:40.0921 4156 streamip - ok
11:10:40.0937 4156 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:10:40.0937 4156 swenum - ok
11:10:41.0078 4156 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:10:41.0078 4156 SwitchBoard - ok
11:10:41.0093 4156 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:10:41.0093 4156 swmidi - ok
11:10:41.0093 4156 SwPrv - ok
11:10:41.0109 4156 symc810 - ok
11:10:41.0125 4156 symc8xx - ok
11:10:41.0125 4156 sym_hi - ok
11:10:41.0140 4156 sym_u3 - ok
11:10:41.0171 4156 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:10:41.0171 4156 sysaudio - ok
11:10:41.0187 4156 SysmonLog (251eae7c56c6ab9490311a3c9757e18d) C:\WINDOWS\system32\smlogsvc.exe
11:10:41.0187 4156 SysmonLog - ok
11:10:41.0265 4156 TapiSrv (2bc9fb448f0c2394ff53c83a7bb04731) C:\WINDOWS\System32\tapisrv.dll
11:10:41.0281 4156 TapiSrv - ok
11:10:41.0312 4156 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:10:41.0328 4156 Tcpip - ok
11:10:41.0343 4156 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:10:41.0343 4156 TDPIPE - ok
11:10:41.0375 4156 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:10:41.0375 4156 TDTCP - ok
11:10:41.0375 4156 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:10:41.0390 4156 TermDD - ok
11:10:41.0406 4156 TermService (e0aef86a594c9990d6321c5ca239c5b7) C:\WINDOWS\System32\termsrv.dll
11:10:41.0406 4156 TermService - ok
11:10:41.0453 4156 Themes (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll
11:10:41.0453 4156 Themes - ok
11:10:41.0453 4156 TosIde - ok
11:10:41.0468 4156 TrkWks (20655e8ca1c78bc7088b18e93806d21b) C:\WINDOWS\system32\trkwks.dll
11:10:41.0468 4156 TrkWks - ok
11:10:41.0515 4156 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:10:41.0515 4156 Udfs - ok
11:10:41.0515 4156 ultra - ok
11:10:41.0546 4156 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:10:41.0546 4156 Update - ok
11:10:41.0593 4156 upnphost (01653d6c9604f1fb31a76ec94e08954f) C:\WINDOWS\System32\upnphost.dll
11:10:41.0609 4156 upnphost - ok
11:10:41.0640 4156 upperdev (e526a166e6acafd0a9b3841d3941669e) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
11:10:41.0640 4156 upperdev - ok
11:10:41.0656 4156 UPS (a89796dd0de24cf03b3a39407e1f46a3) C:\WINDOWS\System32\ups.exe
11:10:41.0656 4156 UPS - ok
11:10:41.0671 4156 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
11:10:41.0687 4156 USBAAPL - ok
11:10:41.0703 4156 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
11:10:41.0703 4156 usbaudio - ok
11:10:41.0718 4156 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:10:41.0718 4156 usbccgp - ok
11:10:41.0734 4156 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:10:41.0734 4156 usbehci - ok
11:10:41.0750 4156 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:10:41.0750 4156 usbhub - ok
11:10:41.0781 4156 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:10:41.0781 4156 usbprint - ok
11:10:41.0812 4156 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:10:41.0812 4156 usbscan - ok
11:10:41.0828 4156 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
11:10:41.0828 4156 usbser - ok
11:10:41.0859 4156 UsbserFilt (6f3e3c6811b930d2414552a2e4a40f36) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
11:10:41.0859 4156 UsbserFilt - ok
11:10:41.0890 4156 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:10:41.0890 4156 USBSTOR - ok
11:10:41.0890 4156 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:10:41.0890 4156 usbuhci - ok
11:10:41.0906 4156 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:10:41.0906 4156 VgaSave - ok
11:10:41.0906 4156 ViaIde - ok
11:10:41.0937 4156 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys
11:10:41.0937 4156 VolSnap - ok
11:10:41.0968 4156 VSS (a585edd6965b301de8a45c6768c7c215) C:\WINDOWS\System32\vssvc.exe
11:10:41.0968 4156 VSS - ok
11:10:42.0078 4156 vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
11:10:42.0093 4156 vToolbarUpdater10.2.0 - ok
11:10:42.0109 4156 W32Time (390d8e65f362327ad510b08971478301) C:\WINDOWS\system32\w32time.dll
11:10:42.0109 4156 W32Time - ok
11:10:42.0156 4156 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:10:42.0156 4156 Wanarp - ok
11:10:42.0203 4156 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
11:10:42.0203 4156 Wdf01000 - ok
11:10:42.0218 4156 WDICA - ok
11:10:42.0250 4156 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:10:42.0250 4156 wdmaud - ok
11:10:42.0265 4156 WebClient (33d8e2812054d97a0aec9b8f04277927) C:\WINDOWS\System32\webclnt.dll
11:10:42.0265 4156 WebClient - ok
11:10:42.0312 4156 winmgmt (f9e105f369c18e4001e0c05aaf600d73) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:10:42.0312 4156 winmgmt - ok
11:10:42.0343 4156 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
11:10:42.0359 4156 WmdmPmSN - ok
11:10:42.0375 4156 WmiApSrv (87f11d161207c7063edabac0aadc33c3) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:10:42.0375 4156 WmiApSrv - ok
11:10:42.0453 4156 WMPNetworkSvc (79a01acd485687ee602411a06b63a9a5) C:\Program Files\Windows Media Player\WMPNetwk.exe
11:10:42.0453 4156 WMPNetworkSvc - ok
11:10:42.0484 4156 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:10:42.0484 4156 WpdUsb - ok
11:10:42.0562 4156 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:10:42.0578 4156 WPFFontCache_v0400 - ok
11:10:42.0609 4156 wscsvc (843f7fa8ea38e6a4262976dcc994c81a) C:\WINDOWS\system32\wscsvc.dll
11:10:42.0609 4156 wscsvc - ok
11:10:42.0640 4156 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:10:42.0640 4156 WSTCODEC - ok
11:10:42.0656 4156 wuauserv (1e8fdddef3fe260badab06dae10d753a) C:\WINDOWS\system32\wuauserv.dll
11:10:42.0656 4156 wuauserv - ok
11:10:42.0687 4156 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:10:42.0687 4156 WudfPf - ok
11:10:42.0718 4156 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:10:42.0718 4156 WudfRd - ok
11:10:42.0750 4156 WudfSvc (575a4190d989f64732119e4114045a4f) C:\WINDOWS\System32\WUDFSvc.dll
11:10:42.0750 4156 WudfSvc - ok
11:10:42.0796 4156 WZCSVC (e99782dbb8ffa2aee72b31dac8d8d887) C:\WINDOWS\System32\wzcsvc.dll
11:10:42.0812 4156 WZCSVC - ok
11:10:42.0812 4156 xcpip - ok
11:10:42.0843 4156 xmlprov (fd3c38635808920f8235bf2fed642f54) C:\WINDOWS\System32\xmlprov.dll
11:10:42.0843 4156 xmlprov - ok
11:10:42.0859 4156 xpsec - ok
11:10:42.0875 4156 MBR (0x1B8) (25fdd3b61791a226676b12dc5bddef71) \Device\Harddisk0\DR0
11:10:42.0875 4156 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
11:10:42.0875 4156 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
11:10:42.0875 4156 Boot (0x1200) (764977135db4203427331e54395ab856) \Device\Harddisk0\DR0\Partition0
11:10:42.0890 4156 \Device\Harddisk0\DR0\Partition0 - ok
11:10:42.0906 4156 Boot (0x1200) (7043eebce55f0e5461a8a1deeb4c2066) \Device\Harddisk0\DR0\Partition1
11:10:42.0906 4156 \Device\Harddisk0\DR0\Partition1 - ok
11:10:42.0906 4156 ============================================================
11:10:42.0906 4156 Scan finished
11:10:42.0906 4156 ============================================================
11:10:42.0906 1692 Detected object count: 1
11:10:42.0906 1692 Actual detected object count: 1
11:10:52.0796 1692 \Device\Harddisk0\DR0\# - copied to quarantine
11:10:52.0796 1692 \Device\Harddisk0\DR0 - copied to quarantine
11:10:52.0796 1692 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
11:10:52.0796 1692 \Device\Harddisk0\DR0 - ok
11:10:52.0796 1692 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
11:11:26.0484 6140 Deinitialize success
